Kalibrate Customer Documentation Portal

Welcome

As part of our ongoing commitment to data, Kalibrate has implemented a new suite of Application Programming Interfaces (API's) that provide customers on-line access to Kalibrate Pricing Data. These new Data API's expose a broad range of pricing data to our customers through an always-on set of web services.

This site is intended to provide a guide to customers wishing to create new system integrations, reports, and visualizations that consume data from the Data API.

Architecture Overview

The Kalibrate Data API has been implemented as a pure Cloud SaaS product. It integrates with our existing pricing products to expose data to authorized users, employing a highly resilient, available, and scalable architecture to support high volume throughput access to data.

To support the potential high demand for data from our customers (and to prevent any undue impact to existing Kalibrate Pricing services), Kalibrate has chosen to synchronize customer data into a shared cloud service.

Microsoft’s flagship Global Document database service, Azure Cosmos DB, is the foundation of the Data API.

Data is synchronized in near-real-time from customer SQL databases, via a secure private link, into customer isolated data partitions within the Azure Cosmos DB platform.

API Overview

Security

  • All data is encrypted, at rest and in-transit through the system and to the customer.
  • Data access is authenticated and authorised via an Azure Active Directory Client Credentials provider, using the OAuth 2.0 authentication and authorization protocol using Kalibrate owned, managed and issued client credentials.
  • Credentials are associated with a Kalibrate Tenant that represents a customer environment.
  • Each client credential provides access to only that associated Kalibrate Tenant / Environment's data.
  • To ensure the highest levels of security, all endpoints are exposed using a Web Application Firewall which applies the OWASP 3.0 ruleset in full Prevention mode.
  • All traffic is monitored via the gateway, and all authentic requests are logged as transactions within our internal Audit log
Environments